Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917473D/527594769EDA11E99674B877C4F9AE02/241308BEB54611EB9C6B4187C4F9AE02.roa
File: 241308BEB54611EB9C6B4187C4F9AE02.roa (raw, json)
Hash identifier: OfgQv1ndGt754MSAv+6CJhCd5mGb0AN5M2Ts7GApeDs=
Subject key identifier: C6:F6:18:04:D2:56:C4:53:B9:A1:83:68:44:18:5A:AC:D2:05:8F:7C
Certificate issuer: /CN=A917473D/serialNumber=9C68F4BB98F5F8AE9D56327DF599B3C1180795F1
Certificate serial: 099B
Authority key identifier: 9C:68:F4:BB:98:F5:F8:AE:9D:56:32:7D:F5:99:B3:C1:18:07:95:F1
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nGj0u5j1-K6dVjJ99ZmzwRgHlfE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917473D/527594769EDA11E99674B877C4F9AE02/241308BEB54611EB9C6B4187C4F9AE02.roa
Signing time: Wed 20 Oct 2021 07:26:54 +0000
ROA not before: Wed 20 Oct 2021 07:26:54 +0000
ROA not after: Fri 30 Dec 2022 00:00:00 +0000
asID: 24433
IP address blocks: 138.77.0.0/16 maxlen: 16
138.77.104.0/21 maxlen: 21
138.77.252.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2459 (0x99b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917473D/serialNumber=9C68F4BB98F5F8AE9D56327DF599B3C1180795F1
Validity
Not Before: Oct 20 07:26:54 2021 GMT
Not After : Dec 30 00:00:00 2022 GMT
Subject: CN=616fc4be-e3ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ea:8c:90:f5:94:d1:4e:a7:9d:e1:22:b5:90:
6e:1d:29:1d:af:6e:6c:87:f1:89:85:20:89:f9:63:
f8:c5:9b:ae:b7:94:82:ef:a9:91:b5:a3:b1:d0:71:
98:e0:f2:9b:99:2f:61:24:73:f5:01:67:3d:a1:12:
73:a7:2a:09:22:9b:7a:17:ff:88:b8:0a:a6:61:d8:
8e:7a:cb:cc:d8:dc:a8:f2:85:ed:8d:da:46:f7:c4:
1f:0e:d4:d1:7a:f9:bd:ea:69:b0:ce:db:cc:98:a4:
b8:eb:19:10:78:c8:fa:89:29:2d:8d:19:e4:16:0e:
13:c3:18:c8:f0:91:e4:25:72:f7:91:7a:eb:ea:77:
56:8f:2d:a9:29:61:82:2b:70:de:57:69:08:1b:8b:
b7:44:8a:54:02:bc:a9:0d:e4:ab:d4:1c:ab:01:36:
10:a3:0c:e1:ae:3c:65:fc:90:d0:10:ec:81:f2:b5:
d2:75:6d:c6:e1:6c:d7:3d:7c:5e:01:d1:a2:eb:5e:
c6:af:43:e3:af:f0:99:0c:d3:bf:c1:73:da:2a:98:
a8:ff:4e:60:27:d4:23:ee:69:93:d8:51:39:ab:46:
42:94:0a:c8:a6:83:45:a1:01:d6:b3:37:36:40:03:
32:15:ee:0a:83:25:d8:00:bd:ef:2d:91:f3:87:63:
4d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:F6:18:04:D2:56:C4:53:B9:A1:83:68:44:18:5A:AC:D2:05:8F:7C
X509v3 Authority Key Identifier:
keyid:9C:68:F4:BB:98:F5:F8:AE:9D:56:32:7D:F5:99:B3:C1:18:07:95:F1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917473D/527594769EDA11E99674B877C4F9AE02/nGj0u5j1-K6dVjJ99ZmzwRgHlfE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nGj0u5j1-K6dVjJ99ZmzwRgHlfE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917473D/527594769EDA11E99674B877C4F9AE02/241308BEB54611EB9C6B4187C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
138.77.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b4:9a:b7:9b:28:6f:83:6f:c9:42:db:16:2e:3a:28:e7:e3:76:
76:7c:a4:fc:b2:54:8b:11:7a:e3:37:32:d7:51:e6:7f:77:11:
73:eb:97:9a:d2:20:9d:15:c0:c8:24:c6:95:0c:11:b5:71:8f:
cd:be:e0:8b:af:ad:f3:b7:5a:ea:05:19:48:fc:c6:04:9f:13:
aa:f1:14:c9:98:b8:4f:f1:5e:e9:5c:59:7c:89:e2:60:85:a5:
c6:ed:d9:b2:9b:31:15:0e:52:41:e8:e3:89:d4:e8:93:7d:74:
34:d7:64:06:f7:0a:1b:2a:44:78:74:12:4f:1b:dd:19:6c:dd:
44:2d:90:90:cf:b2:37:8d:be:b8:50:3f:26:c0:44:26:e9:4a:
35:07:48:f5:81:83:c7:d3:32:3b:76:12:5c:26:cf:11:bc:82:
e0:30:d1:10:a5:18:ed:84:d7:22:4f:67:53:3d:b2:c0:d1:2d:
2a:e2:ee:ad:35:fa:f3:c2:8a:bc:14:f9:19:ca:23:08:91:7f:
06:bc:44:a9:8d:8c:f9:08:7e:b5:7e:e4:74:31:b8:ff:46:99:
d6:d8:17:26:27:52:89:c9:c3:77:d6:ae:90:ee:12:46:00:50:
6b:2a:a5:34:77:05:26:3c:4b:1c:cc:24:d4:7b:31:51:5a:78:
cb:5d:a0:f3
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgICCZswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzQ3M0QxMTAvBgNVBAUTKDlDNjhGNEJCOThGNUY4QUU5RDU2MzI3REY1OTlCM0Mx
MTgwNzk1RjEwHhcNMjExMDIwMDcyNjU0WhcNMjIxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTZmYzRiZS1lM2ZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAquqMkPWU0U6nneEitZBuHSkdr25sh/GJhSCJ+WP4xZuut5SC76mRtaOx0HGY
4PKbmS9hJHP1AWc9oRJzpyoJIpt6F/+IuAqmYdiOesvM2Nyo8oXtjdpG98QfDtTR
evm96mmwztvMmKS46xkQeMj6iSktjRnkFg4TwxjI8JHkJXL3kXrr6ndWjy2pKWGC
K3DeV2kIG4u3RIpUArypDeSr1ByrATYQowzhrjxl/JDQEOyB8rXSdW3G4WzXPXxe
AdGi617Gr0Pjr/CZDNO/wXPaKpio/05gJ9Qj7mmT2FE5q0ZClArIpoNFoQHWszc2
QAMyFe4KgyXYAL3vLZHzh2NNJQIDAQABo4IClDCCApAwHQYDVR0OBBYEFMb2GATS
VsRTuaGDaEQYWqzSBY98MB8GA1UdIwQYMBaAFJxo9LuY9fiunVYyffWZs8EYB5Xx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDczRC81Mjc1OTQ3NjlF
REExMUU5OTY3NEI4NzdDNEY5QUUwMi9uR2owdTVqMS1LNmRWako5OVptendSZ0hs
ZkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL25HajB1NWoxLUs2ZFZqSjk5Wm16d1JnSGxmRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzQ3M0QvNTI3NTk0NzY5RURBMTFFOTk2NzRCODc3QzRGOUFFMDIvMjQxMzA4QkVC
NTQ2MTFFQjlDNkI0MTg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8E
DzANMAsEAgABMAUDAwCKTTANBgkqhkiG9w0BAQsFAAOCAQEAtJq3myhvg2/JQtsW
Ljoo5+N2dnyk/LJUixF64zcy11Hmf3cRc+uXmtIgnRXAyCTGlQwRtXGPzb7gi6+t
87da6gUZSPzGBJ8TqvEUyZi4T/Fe6VxZfIniYIWlxu3ZspsxFQ5SQejjidTok310
NNdkBvcKGypEeHQSTxvdGWzdRC2QkM+yN42+uFA/JsBEJulKNQdI9YGDx9MyO3YS
XCbPEbyC4DDREKUY7YTXIk9nUz2ywNEtKuLurTX688KKvBT5GcojCJF/BrxEqY2M
+Qh+tX7kdDG4/0aZ1tgXJidSicnDd9aukO4SRgBQayqlNHcFJjxLHMwk1HsxUVp4
y12g8w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:44 2023 by rpki-client on console-ams.rpki-client.org